hi list
I run a webservice (and a mail service). All websites run under the same
UID of apa...@webserver.domain.com. I know, not ideal, but i cannot
change that bit. Problem is that if one site gets hacked, user apache
starts sending spam with no way to figure out which website is
misbehaving. Thus we are going to enforce websites to use SASL-auth.
Now the remaining problem is that ,even with SMTP-auth, the MAIL FROM
username sometimes is still apache. I know gmail rewrites the envelope
sender and the header sender based on the login name, but i have not
been able to find how to do this in postfix (canonical_classes does not
seem to help me here). I cannot really reject the mail using
reject_authenticated_sender_login_mismatch because the mails will be
send back to the apache user with again no knowledge of the true sender.
hope you can give me some pointers or documentation how I can solve this :)
best
Joris
